Computer system security and control-2.pptx
•Download as PPTX, PDF•
0 likes•37 views
This document discusses computer system security and control. It outlines the objectives of information security as confidentiality, data integrity, and availability. It also describes various types of information security such as application security, cloud security, cryptography, and infrastructure security. Reasons why computer systems are vulnerable include increased access, disgruntled employees, complexity, cyber crimes, complacent management, and natural disasters. Controls to enhance security involve physical controls, access controls, backups, and administrative procedures.
Report
Share
Report
Share
Recommended
WK8.pptx
This document provides an overview of e-security and discusses key concepts like dimensions of security design, firewalls, virus protection, and protection from intruders. It defines e-security and its importance for e-commerce. Common e-commerce security pitfalls like hackers gaining access to information and loss of customer confidence are outlined. Tools for e-security like firewalls, password managers, and encryption software are also mentioned.
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards (.
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards ( ...
security IDS
The CIA triangle outlines the three primary goals of information security: confidentiality, integrity, and availability. Confidentiality ensures that information is only available to authorized users, integrity ensures the accuracy and trustworthiness of information, and availability ensures that information is accessible when needed. These three principles form the basis of information security practices and help define how organizations should protect information assets from various threats.
Aspects of Network Security
This document discusses various aspects of network security. It outlines four key aspects:
1) Privacy - ensuring confidentiality of messages by encrypting transmissions so only the intended recipient can understand them.
2) Message integrity - ensuring data arrives at its destination exactly as sent with no changes, which is important for financial transactions.
3) Endpoint authentication - authenticating the identity of the sender to prevent impersonation.
4) Non-repudiation - providing proof of transmission to prevent senders from denying messages.
The document also discusses three levels of network security controls: physical, technical, and administrative. Physical controls restrict access to network infrastructure. Technical controls protect stored and transmitted data. Administrative controls manage user
Module 1.pptx
This document provides an introduction to network security. It discusses how computer data can be at risk when traveling between computers unless protected by cryptography. It defines computer security, network security, and internet security. Network security aims to ensure optimal machine functioning and restrict user access rights. Advantages include protecting client data and shared information. The document outlines security requirements like confidentiality, integrity, availability, and authentication. It also discusses challenges of security and provides an overview of the network security model and intrusion detection systems.
Computer Security Chapter 1
This document provides an introduction to information security concepts. It defines information security as protecting information and systems from unauthorized access, use, disclosure, disruption or destruction. The key aspects of information security are confidentiality, integrity and availability. Basic security terminology like identification, authentication, access control and confidentiality are explained. Common network vulnerabilities like weak passwords, protocol design flaws, and unauthorized access through modems are also discussed. The importance of network security is to protect company assets, gain competitive advantage and ensure regulatory compliance.
Seguridad web -articulo completo- ingles
This document discusses web security and attacks. It begins with an abstract noting that the web presents problems for both web clients and servers, requiring steps to protect both. Chapter 1 defines web security and discusses general security concepts like privacy, integrity, and availability. It also outlines technical methods to secure systems, like encryption, passwords, firewalls, and monitoring. Chapter 2 defines types of computer attacks like denial of service, man-in-the-middle, and brute force attacks. It also discusses social engineering techniques used to manipulate users into revealing confidential information.
Recommended
WK8.pptx
This document provides an overview of e-security and discusses key concepts like dimensions of security design, firewalls, virus protection, and protection from intruders. It defines e-security and its importance for e-commerce. Common e-commerce security pitfalls like hackers gaining access to information and loss of customer confidence are outlined. Tools for e-security like firewalls, password managers, and encryption software are also mentioned.
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards (.
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards ( ...
security IDS
The CIA triangle outlines the three primary goals of information security: confidentiality, integrity, and availability. Confidentiality ensures that information is only available to authorized users, integrity ensures the accuracy and trustworthiness of information, and availability ensures that information is accessible when needed. These three principles form the basis of information security practices and help define how organizations should protect information assets from various threats.
Aspects of Network Security
This document discusses various aspects of network security. It outlines four key aspects:
1) Privacy - ensuring confidentiality of messages by encrypting transmissions so only the intended recipient can understand them.
2) Message integrity - ensuring data arrives at its destination exactly as sent with no changes, which is important for financial transactions.
3) Endpoint authentication - authenticating the identity of the sender to prevent impersonation.
4) Non-repudiation - providing proof of transmission to prevent senders from denying messages.
The document also discusses three levels of network security controls: physical, technical, and administrative. Physical controls restrict access to network infrastructure. Technical controls protect stored and transmitted data. Administrative controls manage user
Module 1.pptx
This document provides an introduction to network security. It discusses how computer data can be at risk when traveling between computers unless protected by cryptography. It defines computer security, network security, and internet security. Network security aims to ensure optimal machine functioning and restrict user access rights. Advantages include protecting client data and shared information. The document outlines security requirements like confidentiality, integrity, availability, and authentication. It also discusses challenges of security and provides an overview of the network security model and intrusion detection systems.
Computer Security Chapter 1
This document provides an introduction to information security concepts. It defines information security as protecting information and systems from unauthorized access, use, disclosure, disruption or destruction. The key aspects of information security are confidentiality, integrity and availability. Basic security terminology like identification, authentication, access control and confidentiality are explained. Common network vulnerabilities like weak passwords, protocol design flaws, and unauthorized access through modems are also discussed. The importance of network security is to protect company assets, gain competitive advantage and ensure regulatory compliance.
Seguridad web -articulo completo- ingles
This document discusses web security and attacks. It begins with an abstract noting that the web presents problems for both web clients and servers, requiring steps to protect both. Chapter 1 defines web security and discusses general security concepts like privacy, integrity, and availability. It also outlines technical methods to secure systems, like encryption, passwords, firewalls, and monitoring. Chapter 2 defines types of computer attacks like denial of service, man-in-the-middle, and brute force attacks. It also discusses social engineering techniques used to manipulate users into revealing confidential information.
Network security model.pptx
Network security involves protecting networks from unauthorized access and risks. It is important for network administrators to take preventive measures to secure networks used by individuals, businesses, and governments. There are various types of network security devices that fulfill different functions like blocking surplus traffic (active devices), identifying unwanted traffic (passive devices), and scanning for potential problems (preventative devices). Firewalls are a key example of an active device that establishes a barrier between internal and external networks and regulates incoming and outgoing traffic.
ppt on securities.pptx
Computer and network security aims to protect systems and information from unauthorized access and harm. Key threats include malware like viruses and Trojans, spam emails containing malicious links, and network vulnerabilities that allow unauthorized activity. Effective security requires measures across several areas, such as network access control, antivirus software, firewalls, email security, application security, virtual private networks, and wireless security. As cyber attacks become more sophisticated, cyber security is increasingly important for organizations to protect their data and systems.
Chapter 4.ppt
Network security involves protecting computer networks and systems from unauthorized access, theft of or damage to hardware, software or electronic data. The chapter discusses network security basics, threats like cyberattacks and phishing, vulnerabilities from weaknesses in TCP/IP protocols and buffer overflows. It also covers network security protocols like IPsec, SSL/TLS, and wireless encryption methods like WEP, WPA, and WPA2 that are used to secure wireless networks and encrypt data transmitted over them. Administrative, technical and physical controls help defend networks against various security risks and assure network integrity and safety.
Unit v
The document discusses various security challenges and controls related to information technology and e-commerce. It covers privacy, authenticity, integrity, and reliability as key security requirements. It then describes different types of controls including input controls, processing controls, output controls, storage controls, facility controls like encryption and firewalls, procedural controls, and auditing. Key points around spoofing, outsourcing, information protection goals of confidentiality, integrity and availability are also summarized.
Cyber Crime and Security
The document discusses cyber crime, including defining it as criminal acts using computers and networks. It categorizes cyber crime and lists common types of cyber attacks such as hacking, denial of service attacks, computer vandalism, and cyber terrorism. It also discusses security measures at both the organizational and personal level to help prevent cyber crime such as using virus detection software, firewalls, encryption, and being cautious about sharing personal information online.
protection & security of e-commerce ...
The document discusses security issues related to e-commerce and provides recommendations for protecting e-commerce websites and transactions. It defines different types of e-commerce and describes common security tools like digital certificates, encryption, firewalls and passwords. The document outlines security threats such as hackers, data theft, and fraud. It recommends conducting risk assessments, implementing access controls, limiting user privileges, and using encryption and regular scanning to help secure e-commerce systems and transactions.
It security
This document outlines IT security procedures and guidelines for data protection. It discusses the objectives of data security including availability, integrity, confidentiality, authenticity and auditability. It describes threats such as accidental damages from environmental hazards or errors, and malicious damages from disgruntled employees or fraudsters. It also covers specific security measures like cryptography, access controls, network security, physical security, document security and biometric authentication. The overall document provides a comprehensive overview of IT security best practices for organizations.
edu03firewall,Antivirus software.pptx
Firewall and antivirus software are important preventive measures to protect devices from threats. A firewall monitors incoming and outgoing network traffic and blocks unwanted access based on security rules. It establishes a barrier between trusted and untrusted networks like the internet. Antivirus software uses techniques like scanning files to detect known viruses and identifying suspicious behavior that could indicate infection. Both provide important protections but also have limitations like not preventing insider threats or providing antivirus capabilities for firewalls.
Ethical Hacking and Network Defence 1.pptx
This document discusses ethical hacking and network defense. It defines ethical hacking as using hacking skills to identify vulnerabilities in a system in order to strengthen its security, without causing damage. Various types of hackers are described, including black hat hackers who perform malicious acts, white hat hackers who use their skills ethically, and grey hat hackers who work both offensively and defensively. The need for information security and common types of security controls are also outlined. Ethical hacking is presented as using the same tools as malicious hackers but to fix issues rather than exploit systems.
Computer security and
This document discusses various topics related to computer security including risks, attacks, safeguards, and ethics. It describes common security threats like viruses, hacking, denial of service attacks, and information theft. It also outlines methods to identify users, protect against threats, and investigate security incidents through digital forensics. Safeguards include firewalls, antivirus software, encryption, and physical access controls.
Cat21:Development Mangement Information Systems
Computer systems face security risks like trespassing, theft, alteration of information, and cyber crimes. To address these concerns, organizations must implement security measures to protect their data and systems. These include physical security of computer hardware, restricting access to data and software, using passwords and access codes, conducting security audits, and keeping backup files in secure locations away from the main system. Proper security controls and regular reviews are needed to safeguard computer systems and information from damage or unauthorized access.
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
This document discusses security and ethical challenges of information technology. It covers topics like the impacts of IT on society including issues around crime, privacy, employment, health and working conditions. It then discusses the need for security measures like encryption, firewalls, denial of service defenses, email and virus monitoring to minimize errors, fraud and losses. The goal of security management is to balance high quality products with maintaining privacy, security and ethics in society. Some challenges discussed are cyber terrorism and the need for companies and government to work together on security defenses and education.
Network Security
Network security involves securing a computer network infrastructure to protect networks and resources from unauthorized access. It handles threats like viruses, Trojan horses, vandals, and attacks that could access networks and intercept or alter data. Network security tools like antivirus software, secure infrastructure using firewalls, virtual private networks, identity services, and encryption help achieve objectives of protecting internet servers, internal networks, data, and company image while keeping data confidential. The advantages of network security include protecting personal data, information shared between computers, physical computers from harm, and organizational confidential data.
Security issue in e commerce
Security issue in e commerceBosco Technical Training Society, Don Bosco Technical School (Aff. GGSIP University, New Delhi)
Explain security issues and protection about unwanted threat in E-Commerce. Explain Security E-Commerce Environment. Security Threat in E-Commerce Environment.Lect13 security
The document discusses computer system security. It explains that security requirements vary based on the operating environment. Security goals are defined by policies, while mechanisms are used to achieve those goals. Common security goals are secrecy, privacy, authenticity, and integrity of information. Both internal and external security threats are discussed, along with potential attacks like viruses, worms, and logic bombs. Methods of passive attacks like browsing and active attacks on message communications are also summarized. The importance of cryptography for secure communication is highlighted. Symmetric and asymmetric cryptosystems are compared for encrypting messages between systems.
Computer-Security.pptx
This document discusses computer security and various cyber threats. It begins by explaining how computer security became increasingly important with the development of modems and personal computers in the late 20th century. It then discusses different methods used to protect computer systems and information, including serial numbers, locks, alarms, and various security strategies to address threats like data theft, vandalism, fraud, and privacy invasion. The document also provides definitions and examples of cryptography, encryption, malware, and other cyber attacks like phishing, watering hole attacks, and cybercrime. It concludes by listing some common reasons for web threats and tips to protect against web service attacks, such as backups, multi-factor authentication, malware scanning, and keeping software updated.
Cybercrime and security.pptx
Cybercrime and cyber security discusses various types of cybercrimes such as hacking, email bombing, cyberstalking, and phishing. It also outlines precautions that can be taken like using antivirus software, firewalls, strong passwords, and keeping systems updated. Cyber security techniques are important to protect computers, networks, and data from malicious cyber attacks through tools like antivirus, firewalls, encryption, and data backups. Cybercrime rates are increasing globally with billions lost each year emphasizing the need for improved cyber security measures.
презентация1
Network security involves protecting computer networks from unauthorized access and system damage. It ensures only authorized users can access network resources and data through authentication methods like usernames and passwords. Network security is needed because increased Internet usage has led to more hackers and attacks, putting networking systems and stored data at risk of viruses, delays, modifications or identity theft. Various security measures can help, such as antivirus software to detect malware, data loss prevention to restrict data sharing, email security to filter viruses and information leaks, and mobile security like antivirus to safeguard devices.
IS Unit II.pptx
This document discusses legal, ethical, and professional issues in information security. It begins by outlining the objectives and outcomes of the lesson, which are to understand these issues. It then provides an overview of security needs like ensuring business continuity, threats like human error and cyber attacks, and how businesses rely on information security to protect functionality, applications, data, and technology assets. Examples of common attacks are also described like malware, backdoors, password cracking, and spoofing. The document emphasizes understanding security needs and threats to make informed decisions about protecting an organization's information.
Cybersecurity from A to Z
What every small enterprise needs to know about information security. A simple and useful dictionary which finally explains the most important security terms.
Find out more about our services here: https://www.business-solutions.telefonica.com/en/sme/solutions/
Digital signature.pptx
Digital signatures provide message authentication, non-repudiation, and data integrity by using a combination of public-key cryptography and hash functions. The sender calculates a hash of the message and encrypts it with their private key to generate a digital signature. This signature is appended to the message before sending. The receiver decrypts the signature using the sender's public key and compares it to a hash of the received message. If they match, the signature is validated and message integrity and authentication are verified. Digital signatures do not provide privacy, but encryption of the signed message can be added for confidentiality.
Commercial credit and its types.pptx
Commercial credit refers to financing provided by lenders to businesses for operational and investment needs. There are several types of commercial credit, including business lines of credit which allow flexible borrowing up to a limit with interest only on amounts used, and term loans which are fixed amounts borrowed for specific purposes and repaid in installments. Other types are commercial mortgages secured by commercial property, trade credit from suppliers, equipment financing secured by purchased assets, and invoice financing using outstanding invoices as collateral. The availability and terms of commercial credit depend on a business's creditworthiness, industry, and lender requirements.
More Related Content
Similar to Computer system security and control-2.pptx
Network security model.pptx
Network security involves protecting networks from unauthorized access and risks. It is important for network administrators to take preventive measures to secure networks used by individuals, businesses, and governments. There are various types of network security devices that fulfill different functions like blocking surplus traffic (active devices), identifying unwanted traffic (passive devices), and scanning for potential problems (preventative devices). Firewalls are a key example of an active device that establishes a barrier between internal and external networks and regulates incoming and outgoing traffic.
ppt on securities.pptx
Computer and network security aims to protect systems and information from unauthorized access and harm. Key threats include malware like viruses and Trojans, spam emails containing malicious links, and network vulnerabilities that allow unauthorized activity. Effective security requires measures across several areas, such as network access control, antivirus software, firewalls, email security, application security, virtual private networks, and wireless security. As cyber attacks become more sophisticated, cyber security is increasingly important for organizations to protect their data and systems.
Chapter 4.ppt
Network security involves protecting computer networks and systems from unauthorized access, theft of or damage to hardware, software or electronic data. The chapter discusses network security basics, threats like cyberattacks and phishing, vulnerabilities from weaknesses in TCP/IP protocols and buffer overflows. It also covers network security protocols like IPsec, SSL/TLS, and wireless encryption methods like WEP, WPA, and WPA2 that are used to secure wireless networks and encrypt data transmitted over them. Administrative, technical and physical controls help defend networks against various security risks and assure network integrity and safety.
Unit v
The document discusses various security challenges and controls related to information technology and e-commerce. It covers privacy, authenticity, integrity, and reliability as key security requirements. It then describes different types of controls including input controls, processing controls, output controls, storage controls, facility controls like encryption and firewalls, procedural controls, and auditing. Key points around spoofing, outsourcing, information protection goals of confidentiality, integrity and availability are also summarized.
Cyber Crime and Security
The document discusses cyber crime, including defining it as criminal acts using computers and networks. It categorizes cyber crime and lists common types of cyber attacks such as hacking, denial of service attacks, computer vandalism, and cyber terrorism. It also discusses security measures at both the organizational and personal level to help prevent cyber crime such as using virus detection software, firewalls, encryption, and being cautious about sharing personal information online.
protection & security of e-commerce ...
The document discusses security issues related to e-commerce and provides recommendations for protecting e-commerce websites and transactions. It defines different types of e-commerce and describes common security tools like digital certificates, encryption, firewalls and passwords. The document outlines security threats such as hackers, data theft, and fraud. It recommends conducting risk assessments, implementing access controls, limiting user privileges, and using encryption and regular scanning to help secure e-commerce systems and transactions.
It security
This document outlines IT security procedures and guidelines for data protection. It discusses the objectives of data security including availability, integrity, confidentiality, authenticity and auditability. It describes threats such as accidental damages from environmental hazards or errors, and malicious damages from disgruntled employees or fraudsters. It also covers specific security measures like cryptography, access controls, network security, physical security, document security and biometric authentication. The overall document provides a comprehensive overview of IT security best practices for organizations.
edu03firewall,Antivirus software.pptx
Firewall and antivirus software are important preventive measures to protect devices from threats. A firewall monitors incoming and outgoing network traffic and blocks unwanted access based on security rules. It establishes a barrier between trusted and untrusted networks like the internet. Antivirus software uses techniques like scanning files to detect known viruses and identifying suspicious behavior that could indicate infection. Both provide important protections but also have limitations like not preventing insider threats or providing antivirus capabilities for firewalls.
Ethical Hacking and Network Defence 1.pptx
This document discusses ethical hacking and network defense. It defines ethical hacking as using hacking skills to identify vulnerabilities in a system in order to strengthen its security, without causing damage. Various types of hackers are described, including black hat hackers who perform malicious acts, white hat hackers who use their skills ethically, and grey hat hackers who work both offensively and defensively. The need for information security and common types of security controls are also outlined. Ethical hacking is presented as using the same tools as malicious hackers but to fix issues rather than exploit systems.
Computer security and
This document discusses various topics related to computer security including risks, attacks, safeguards, and ethics. It describes common security threats like viruses, hacking, denial of service attacks, and information theft. It also outlines methods to identify users, protect against threats, and investigate security incidents through digital forensics. Safeguards include firewalls, antivirus software, encryption, and physical access controls.
Cat21:Development Mangement Information Systems
Computer systems face security risks like trespassing, theft, alteration of information, and cyber crimes. To address these concerns, organizations must implement security measures to protect their data and systems. These include physical security of computer hardware, restricting access to data and software, using passwords and access codes, conducting security audits, and keeping backup files in secure locations away from the main system. Proper security controls and regular reviews are needed to safeguard computer systems and information from damage or unauthorized access.
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
This document discusses security and ethical challenges of information technology. It covers topics like the impacts of IT on society including issues around crime, privacy, employment, health and working conditions. It then discusses the need for security measures like encryption, firewalls, denial of service defenses, email and virus monitoring to minimize errors, fraud and losses. The goal of security management is to balance high quality products with maintaining privacy, security and ethics in society. Some challenges discussed are cyber terrorism and the need for companies and government to work together on security defenses and education.
Network Security
Network security involves securing a computer network infrastructure to protect networks and resources from unauthorized access. It handles threats like viruses, Trojan horses, vandals, and attacks that could access networks and intercept or alter data. Network security tools like antivirus software, secure infrastructure using firewalls, virtual private networks, identity services, and encryption help achieve objectives of protecting internet servers, internal networks, data, and company image while keeping data confidential. The advantages of network security include protecting personal data, information shared between computers, physical computers from harm, and organizational confidential data.
Security issue in e commerce
Security issue in e commerceBosco Technical Training Society, Don Bosco Technical School (Aff. GGSIP University, New Delhi)
Explain security issues and protection about unwanted threat in E-Commerce. Explain Security E-Commerce Environment. Security Threat in E-Commerce Environment.Lect13 security
The document discusses computer system security. It explains that security requirements vary based on the operating environment. Security goals are defined by policies, while mechanisms are used to achieve those goals. Common security goals are secrecy, privacy, authenticity, and integrity of information. Both internal and external security threats are discussed, along with potential attacks like viruses, worms, and logic bombs. Methods of passive attacks like browsing and active attacks on message communications are also summarized. The importance of cryptography for secure communication is highlighted. Symmetric and asymmetric cryptosystems are compared for encrypting messages between systems.
Computer-Security.pptx
This document discusses computer security and various cyber threats. It begins by explaining how computer security became increasingly important with the development of modems and personal computers in the late 20th century. It then discusses different methods used to protect computer systems and information, including serial numbers, locks, alarms, and various security strategies to address threats like data theft, vandalism, fraud, and privacy invasion. The document also provides definitions and examples of cryptography, encryption, malware, and other cyber attacks like phishing, watering hole attacks, and cybercrime. It concludes by listing some common reasons for web threats and tips to protect against web service attacks, such as backups, multi-factor authentication, malware scanning, and keeping software updated.
Cybercrime and security.pptx
Cybercrime and cyber security discusses various types of cybercrimes such as hacking, email bombing, cyberstalking, and phishing. It also outlines precautions that can be taken like using antivirus software, firewalls, strong passwords, and keeping systems updated. Cyber security techniques are important to protect computers, networks, and data from malicious cyber attacks through tools like antivirus, firewalls, encryption, and data backups. Cybercrime rates are increasing globally with billions lost each year emphasizing the need for improved cyber security measures.
презентация1
Network security involves protecting computer networks from unauthorized access and system damage. It ensures only authorized users can access network resources and data through authentication methods like usernames and passwords. Network security is needed because increased Internet usage has led to more hackers and attacks, putting networking systems and stored data at risk of viruses, delays, modifications or identity theft. Various security measures can help, such as antivirus software to detect malware, data loss prevention to restrict data sharing, email security to filter viruses and information leaks, and mobile security like antivirus to safeguard devices.
IS Unit II.pptx
This document discusses legal, ethical, and professional issues in information security. It begins by outlining the objectives and outcomes of the lesson, which are to understand these issues. It then provides an overview of security needs like ensuring business continuity, threats like human error and cyber attacks, and how businesses rely on information security to protect functionality, applications, data, and technology assets. Examples of common attacks are also described like malware, backdoors, password cracking, and spoofing. The document emphasizes understanding security needs and threats to make informed decisions about protecting an organization's information.
Cybersecurity from A to Z
What every small enterprise needs to know about information security. A simple and useful dictionary which finally explains the most important security terms.
Find out more about our services here: https://www.business-solutions.telefonica.com/en/sme/solutions/
Similar to Computer system security and control-2.pptx (20)
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
More from DaveN31
Digital signature.pptx
Digital signatures provide message authentication, non-repudiation, and data integrity by using a combination of public-key cryptography and hash functions. The sender calculates a hash of the message and encrypts it with their private key to generate a digital signature. This signature is appended to the message before sending. The receiver decrypts the signature using the sender's public key and compares it to a hash of the received message. If they match, the signature is validated and message integrity and authentication are verified. Digital signatures do not provide privacy, but encryption of the signed message can be added for confidentiality.
Commercial credit and its types.pptx
Commercial credit refers to financing provided by lenders to businesses for operational and investment needs. There are several types of commercial credit, including business lines of credit which allow flexible borrowing up to a limit with interest only on amounts used, and term loans which are fixed amounts borrowed for specific purposes and repaid in installments. Other types are commercial mortgages secured by commercial property, trade credit from suppliers, equipment financing secured by purchased assets, and invoice financing using outstanding invoices as collateral. The availability and terms of commercial credit depend on a business's creditworthiness, industry, and lender requirements.
ACCOUNTING FOR OH.pptx
This document discusses absorption costing and marginal costing methods. Absorption costing recognizes fixed costs as part of the unit cost of production, allocating overhead costs based on various bases like direct labor hours. Marginal costing only includes variable costs in the cost of goods sold and treats fixed costs as a period expense. The document provides examples of calculating predetermined overhead rates and analyzing overhead under/over-absorption. It also justifies absorption costing as including an appropriate share of total overhead costs in the product cost.
ACCOUNTING FOR MATERIAL.pptx
This document discusses different types of materials used in production including raw materials, work in progress, and finished goods. It also covers inventory control processes like ordering, receiving, and issuing materials. Key aspects summarized include the different stock control levels used like reorder level and economic order quantity, which aims to minimize total holding and ordering costs. Recording inventory accurately through methods like bin cards and ledger accounts is also emphasized.
CHAPTER ONE(B)- FORMS OF BUSINESS ORGANISATIONS.ppt
This document discusses different forms of business organizations including non-corporate organizations like sole proprietorships and partnerships, as well as corporate organizations like public and private limited companies. It focuses on key features and advantages/disadvantages of each type. Specifically, it provides details on sole proprietorships, partnerships, and limited liability for corporate organizations.
FIA 1.pptx
This document provides an introduction to accounting. It defines accounting as identifying, measuring, and communicating economic information to allow for informed decisions. The purpose of accounting is to provide standard financial information to assess profit/loss, asset value, cash flows, debts owed/due, and financial health. There are two main branches - financial accounting which records transactions and prepares financial statements, and management accounting which provides internal information to aid decision making. Key users of accounting information and their needs are also outlined.
CHAPTER 3-ECONOMIC ENVIRONMENT.ppt
The document discusses different economic systems and factors. It describes the key features of a centrally planned economy, free market economy, and mixed economy. It notes the advantages and disadvantages of each system. It also outlines several important economic factors for governments and businesses, including inflation, unemployment, exchange rates, fiscal policy, and monetary policy. The document provides an overview of different economic models and considerations.
More from DaveN31 (7)
CHAPTER ONE(B)- FORMS OF BUSINESS ORGANISATIONS.ppt
CHAPTER ONE(B)- FORMS OF BUSINESS ORGANISATIONS.ppt
Recently uploaded
Climate Impact of Software Testing at Nordic Testing Days
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Video Streaming: Then, Now, and in the Future
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Best 20 SEO Techniques To Improve Website Visibility In SERP
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Removing Uninteresting Bytes in Software Fuzzing
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
National Security Agency - NSA mobile device best practices
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Building Production Ready Search Pipelines with Spark and Milvus
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
20240607 QFM018 Elixir Reading List May 2024
Everything I found interesting about the Elixir programming ecosystem in May 2024
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Recently uploaded (20)
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Computer system security and control-2.pptx
- 1. Computer system security and control
- 2. Information security is the protection of computer systems and networks from theft or damage to the hardware, software or electronic data as well as from the disruption or misdirection of the services they provide.
- 3. Objectives of information security It focuses on three goals: 1. Confidentiality: preventing the disclosure of information to unauthorized users. 2. Data integrity : ensuring the accuracy and authenticity of data. Only authorized persons may edit data and they need to follow procedures to prevent former employees from retaining the ability to alter company data
- 4. 3. Availability: authorised users should have reliable access to information when they need it TYPES OF INFORMATION SECURITY 1. Application security Involves protecting software applications by preventing, detecting and fixing bugs and vulnerabilities
- 5. 2. Cloud security Involves protections of data, applications and infrastructures involved in cloud computing 3. Cryptography Covers a lot of techniques for communicating in a secure manner
- 6. 4. Infrastructure security Eg data centers, internal and external networks, desktops
- 7. Reasons why computer systems are vulnerable Increased access to the system Disgruntled/dishonest employees Increased system complexity Cyber terrorism/crime on the internet or hackers Complacent management Modern networked systems
- 8. Natural disasters Fire Floods Earthquakes, wind storms and rain lightening
- 9. Accidental threats Human errors Procedural errors Software errors Electromechanical problems
- 10. International breaches of security Theft Terrorism Computer viruses Unauthorized disclosure or access, modification or destruction or loss of data or information Computer fraud
- 11. General controls Physical control Access controls or logical controls eg passwords, biometric identification techniques Back up Administrative controls
- 12. Types of Application controls Input controls: are computer controls designed to provide reasonable assurance that transactions are properly authorized before processed by the computer, incorrect transactions are rejected. Processing controls: provide an automated means to ensure processing is complete, accurate and authorized. Output controls: address what is done with data and should compare output results with the intended result by checking the output against the input
- 13. Internet and E-commerce challenges Viruses: Is a malicious piece of computer code designed to spread from device to device. Viruses are designed to damage a device or steal data Hackers: A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network Spamming: The use of messaging systems to send multiple unsolicited messages to large numbers of recipients for the purpose of commercial advertising or for any prohibited purpose
- 14. E-commerce controls Firewall: firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Encryption: is the process of encoding information, that is the process converts the original representation of the information known as plain text into an alternative form known as cipher text. Only authorized parties can decipher a cipher text back to plaintext and access the original information.
- 15. Digital signature: is a mathematical technique used to validate the authenticity and integrity of message ,software or digital document. Digital signatures are based on public key cryptography and private key cryptography Authentication : uses password or any biometric technique